Study: Admins slow in patching Apache-SSL servers
About 75 percent of Web sites hosted on Apache-SSL servers are vulnerable, as the software has not been upgraded to fix a serious flaw uncovered in June, according to a survey by Web server information firm Netcraft Ltd. of Bath, England.
Administrators seem to have given priority to patching regular Apache installations, as about half of the 22 million Web sites that rely on Apache are protected through an Apache software upgrade, Netcraft said.
Apache-SSL is a combination of the Apache Web server and OpenSSL security software meant to offer secure Web site connections. Apache-SSL is used for electronic commerce Web sites, for example. Both Apache and OpenSSL are open-source products developed by volunteers.
[ Read more ]